lp:ubuntu/precise-security/libxi

Created by Ubuntu Package Importer and last modified
Get this branch:
bzr branch lp:ubuntu/precise-security/libxi
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

22. By Marc Deslauriers

* SECURITY UPDATE: buffer overflow in MakeBigReq (LP: #1441381)
  - debian/control: change Build-Depends to libx11 security update
  - CVE-2013-7439

21. By Marc Deslauriers

No change rebuild in the security pocket

20. By Marc Deslauriers

* SECURITY UPDATE: denial of service and possible code execution via
  incorrect memory size calculations
  - debian/patches/CVE-2013-1984.patch: fix multiple integer overflows.
  - CVE-2013-1984
* SECURITY UPDATE: denial of service and possible code execution via
  incorrect memory size calculations from signedness issues
  - debian/patches/CVE-2013-1995.patch: fix signedness issues in
    src/XListDev.c.
  - CVE-2013-1995
* SECURITY UPDATE: denial of service and possible code execution via
  incorrect length and bounds checking
  - debian/patches/CVE-2013-1998.patch: properly check lengths and
    indexes in src/XGetBMap.c, src/XIPassiveGrab.c, src/XQueryDv.c.
  - CVE-2013-1998

19. By Chase Douglas

* Report button state and labels correctly (LP: #980041)
  - Add patch 0001_fix_button_mask_and_labels.patch from upstream

18. By Chase Douglas

* New upstream release
  - Bug fixes only
* Drop 0001_scroll_increment_value.patch, merged upstream

17. By Chase Douglas

* Fix scroll valuator increment value on 32-bit machines (LP: #949465)
  - Added 0001_scroll_increment_value.patch
* Bump lintian standards to 3.9.3

16. By Chase Douglas

* New upstream release candidate
* Bump deps on x11proto-input-dev to 2.1.99.6
* Fix libxi6.symbols (delete errant XIUngrabTouchBegin from ubuntu version)

15. By Chris Halse Rogers

Bump build depends on x11proto-input-dev to 2.1.99.5. Our 2.1.99.4 package
is really 2.0.2, so 2.1.99.5 is the first version with MT support.

14. By Timo Aaltonen

* Merge from Debian unstable, remaining changes:
  - Add xi 2.1 support
* Update 1_xi2.1.patch to apply.
* Drop 100_len_raw_events.patch, included upstream.

13. By Bryce Harrington

Add 100_len_raw_events.patch: Cherrypick upstream patch to correct the
use of the calculated structure length for memory allocations. Fixes
issue where incorrect memory size was allocated, leading to valuator
data overwriting memory, resulting in an error "Invalid write of size
1" and heap corruption causing applications to crash when they use Raw
Events. (LP: #770522)

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/saucy/libxi
This branch contains Public information 
Everyone can see this information.

Subscribers